Data protection
The Data Protection Act 1998 states that anyone processing personal data must comply with the eight enforceable principles of good practice. These state that data must be:
- fairly and lawfully processed
- processed for limited purposes
- adequate, relevant and not excessive
- accurate
- not kept longer than necessary
- processed in accordance with the data subject's rights
- secure
- not transferred to countries without adequate protection.
Data Protection legislation applies to the school information management systems (SIMS).
Advice to schools on keeping data secure was produced by the former Government agency Becta and is available on the Becta archive.
Information on the individual's rights of access to examination records is available from the Information Commissioner’s Office.
School e-portfolios
Learning environment software may enable schools to hold electronic portfolios on individual pupils and teachers. Data Protection legislation applies to e-portfolios as it does to other learning environment facilities such as notice boards and chatrooms.
Questions for schools include:
- Has the school identified the appropriate levels of privacy on personal data contained within e-portfolios and has guidance been distributed to staff, pupils and parents - that is, who can see what, when and for how long?
- Are systems in place to ensure the ethical use of data collected?
- Are systems in place to ensure the validity of the information contained within e-portfolios?
- Does the school have/require a ‘gatekeeper’ for e-portfolios?
Computer misuse in schools
The Computer Misuse Act 1990 deals with the problem of hacking of computer systems. Legislation recognises three key offences:
- Unauthorised access to computer material
- Unauthorised access with intent to commit or facilitate commission of further offences
- Unauthorised modification of computer material
Use of school systems for commercial purposes
School systems may not be used for unauthorised commercial transactions.
Neither teachers nor pupils should use the IT facilities for private financial gain or for commercial purposes.
Systems must not be used to either offer, provide, or purchase products or services unless prior approval to do so has been given.
Premium rate numbers and phone bills
The premium rate regulator, PhonepayPlus , has online awareness materials “PhoneBrain” for KS3 and KS4 pupils on dealing with problems with phone quizzes, online adverts, mobile phone subscriptions and premium rate bills. There is also advice for parents and teachers.